[英]How Do I Seed SSH Keys For Ansible Using Terraform?
I am creating my Ubuntu VMs with terraform and will subsequently configure them with ansible.我正在使用 terraform 创建我的 Ubuntu VM,随后将使用 ansible 配置它们。
However, ansible needs a user and ssh keys set up to connect so the public key used for ansible needs to be in the authorized_keys
file on the server.但是,ansible 需要设置用户和 ssh 密钥才能连接,因此用于 ansible 的公钥需要位于服务器上的
authorized_keys
文件中。
If I use my ssh public key it will work on my machine but it wont work on other machines or on the build server as they wont have the private key.如果我使用我的 ssh 公钥,它将在我的机器上工作,但它不会在其他机器或构建服务器上工作,因为它们没有私钥。
What is the command to create a new key and not overwrite my current key?创建新密钥而不覆盖当前密钥的命令是什么?
Should I check this key into git so that the same key is passed to terraform?我应该将此密钥检查到 git 中以便将相同的密钥传递给 terraform 吗?
How do I change my terraform task to use the key from version control?如何更改我的 terraform 任务以使用版本控制中的密钥?
Current Terraform task:当前 Terraform 任务:
resource "azurerm_virtual_machine" "client-vm" {
name = "${var.prefix}-${var.client_name}-vm"
resource_group_name = var.resource_group_name
location = var.resource_group_location
network_interface_ids = [azurerm_network_interface.network-interface.id]
vm_size = "Standard_D2s_v3"
storage_image_reference {
publisher = "Canonical"
offer = "UbuntuServer"
sku = "18.04-LTS"
version = "latest"
}
#TODO: Switch to SSH Keys
os_profile {
computer_name = "${var.client_name}"
admin_username = var.username
admin_password = var.password
}
os_profile_linux_config {
disable_password_authentication = false
}
}
Yes, at least if this is how your cloud provider handles SSH keys.. (eg AWS does):是的,至少如果这是您的云提供商处理 SSH 密钥的方式..(例如 AWS 这样做):
resource "aws_instance" "web" {
ami = "${data.aws_ami.ubuntu.id}"
instance_type = "t2.micro"
key_name = "name_of_the_aws_keypair"
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.